[SERVER-11572] Mongo shell should not require a password for SSPI on a domain joined computer when authenticating via the command line Created: 05/Nov/13 Updated: 11/Jul/16 Resolved: 23/Jan/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.5.3 |
| Fix Version/s: | 2.5.5 |
| Type: | Bug | Priority: | Minor - P4 |
| Reporter: | Craig Wilson | Assignee: | Eric Milkie |
| Resolution: | Done | Votes: | 0 |
| Labels: | 26qa | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Windows Mongo Shell |
||
| Issue Links: |
|
||||||||||||
| Operating System: | Windows | ||||||||||||
| Participants: | |||||||||||||
| Description |
|
On a windows computer joined to a domain, it should not be required to provide a password for SSPI when the logged in as the desired user. On the test box, I can successfully authenticate when providing a password, but when the password is omitted, the following error is produced:
|
| Comments |
| Comment by Githook User [ 23/Jan/14 ] |
|
Author: {u'username': u'milkie', u'name': u'Eric Milkie', u'email': u'milkie@10gen.com'}Message: |
| Comment by Craig Wilson [ 05/Nov/13 ] |
|
The server has no error. Other than a connection being opened and then forcibly closed by the client, it doesn't appear that the client ever attempts to authenticate to the server. |
| Comment by Eric Milkie [ 05/Nov/13 ] |
|
What's the server log error when auth fails in this way? |
| Comment by Craig Wilson [ 05/Nov/13 ] |
|
Also true with regards to the tools, mongodump, mongorestore, etc... |
| Comment by Eric Milkie [ 05/Nov/13 ] |
|
Very interesting. Thanks for updating the description. Hopefully it won't be too hard to fix. |
| Comment by Craig Wilson [ 05/Nov/13 ] |
|
I have confirmed this works correctly with the shell helper. However, it does not work via the command line as you correctly surmised. |
| Comment by Eric Milkie [ 05/Nov/13 ] |
|
This ought to work already. My first guess is that you are attempting to authenticate automatically via command line arguments rather than using the auth() shell helper directly. I had success using the shell helper but I never tried using the command line arguments to authenticate, so the problem might lie there. |